FYI, I have experienced this exact issue and have noticed that indeed changing over to bridge mode cures it. I only noticed this when I started doing some work that required me to move around several hundred gigs of data from my windows partition. I moved from working out of my living room over 802.11n to working from my desk plugged into my gigabit network. I have NEVER seen this issue on wireless, only on ethernet and only on fusion 2.0. When I have experienced this, I had DNS and WINS hang, but IP connectivity worked fine. I did a wireshark capture from the host and saw it was sending out requests but not getting them back. I changed over to bridged mode and that cured it. The place where I noticed the issue was with local file copies to my linux server over CIFS/SMB/Samba. I have wireshark in the guest, the host and I have tcpdump on the DNS server (same as Samba server) and I will specifically go back into NAT mode and make captures when I re-create the problem.

Another realization I made is that CIFS performance sucks through the VMware NAT layer in the guest OS. I had performance problems writing out as little as 100 megs over the network. In bridge mode it takes a few seconds, in NAT mode it can take 30-40 seconds. The cache on the raid controller in the server has more than enough RAM to cache 100 megs worth of writes not to mention the cache in the server so a transfer that small should be basically limited by the wire and the CIFS protocol. I have noticed that if I shutdown vmware and restart it the performance gets significantly better.I have abandoned use of bridge mode while at home for that reason and only use it while at a customer's site. It would be nice to have a quick way to toggle the networking mode for when you drop your wireless link. Either that or have a second virtual NIC that is attached to the wireless link via NAT so that when your bridged ethernet link goes away the laptop can switch over to wireless.

I am able to see this consistently everyday. I can provide all the logs but dont want to go through the trouble if you are already solved on this issue. Can you please respond if you want me to provide more information?

Included are some dumps from me.

host:

- MacBook Pro 3.1; OS X 10.5.6; VMWare Fusion 2.0.2

- en1 (wifi): 00:1b:63:c9:e8:0d 172.18.0.128/24 (dhcp) 2001:470:1f09:71d:21b:63ff:fec9:e80d/64 (dhcp) fe80::21b:63ff:fec9:e80d/64

- vmnet8: 192.168.44.1/24, 192.168.44.2/24

- uname -a: Darwin kward-mac.ie.corp.forestent.com 9.6.0 Darwin Kernel Version 9.6.0: Mon Nov 24 17:37:00 PST 2008; root:xnu-1228.9.59~1/RELEASE_I386 i386

- /etc/resolv.conf:

domain corp.forestent.com
nameserver 172.18.0.8
nameserver 208.67.222.222

vm: Ubuntu 8.04 Server 32-bit

- eth0: 00:0c:29:3e:04:25 192.168.44.3/24 (static) fe80::20c:29ff:fe3e:425/64

- uname -a: Linux ubuntu804s 2.6.24-23-server #1 SMP Mon Jan 26 00:55:21 UTC 2009 i686 GNU/Linux

- /etc/resolv.conf:

search localdomain
nameserver 192.168.44.2

pcap's grabbed with:

- host: sudo tcpdump -i en1 -w host.pcap

- vm: sudo tcpdump -i eth0 -w vm.pcap

- vmnet: sudo /Library/Application\ Support/VMware\ Fusion/vmnet-sniffer -e -w /tmp/vmnet.pcap vmnet8

As with the previous commenter, this happens roughly every 1-3 days. Once it starts, all networking is pretty slow to the VM. I have experienced this with Fusion 2.0.0-2.0.2, and IIRC 1.x as well (but that was a while ago).

A bit more that I have tried (each type of request at least 3x, host/vm is where the command was run):

- dig slashdot.org @192.168.44.1 -- host: no vm: no

- dig slashdot.org @192.168.44.2 -- host: no vm: no

- dig +tcp slashdot.org @192.168.44.2 -- host: host unreachable vm: connection refused

- dig slashdot.org @172.18.0.8 (my internal dns server) -- host: yes vm: works once, then subsequently fails

- dig +tcp slashdot.org @172.18.0.8 -- host: yes vm: yes (eventually and slow, but subsequent are fast and repeatable)

- dig slashdot.org @172.18.0.8 (immediately after +tcp) -- vm: works once, then subsequently fails

I was surprised to see that only UDP requests were allowed against the VM interface (192.168.44.2) as DNS requires TCP once the replies become too large. Also DNS can use either TCP or UDP for transport, although UDP is generally preferred.

From RFC 2181:

9. The TC (truncated) header bit \\ The TC bit should be set in responses only when an RRSet is required \\ as a part of the response, but could not be included in its entirety. \\ The TC bit should not be set merely because some extra information \\ could have been included, but there was insufficient room. This \\ includes the results of additional section processing. In such cases \\ the entire RRSet that will not fit in the response should be omitted, \\ and the reply sent as is, with the TC bit clear. If the recipient of \\ the reply needs the omitted data, it can construct a query for that \\ data and send that separately. \\ Where TC is set, the partial RRSet that would not completely fit may \\ be left in the response. When a DNS client receives a reply with TC \\ set, it should ignore that response, and query again, using a \\ mechanism, such as a TCP connection, that will permit larger replies. \\

Looking forward to a fix! Let me know if I can help with anything else.

- kate

I just ran into this bug for the first time since the Beta tests of fusion 1.0. Here's the trace you wanted. Hope it helps.